Support User Manuals

Nokia IPSO 4.0 Cell Phone User Manual

Open as PDF

of 510

8

304 Nokia Network Voyager for IPSO 4.0 Reference Guide

5. If you entered a passphrase when you generated the certificate and private key, you must

enter the passphrase in the Passphrase field.

6. Click Submit.

Troubleshooting SSL/TLS Configuration

You might have trouble accessing Nokia Network Voyager if SSL/TLS is not configured

correctly. If you have trouble accessing Network Voyager, try the following remedies.

 Check that you are using the correct URL. When you enable SSL/TLS, you must use https

rather than http when you connect through your Web browser, unless the Redirect HTTP

Requests to HTTPS option is enabled.

 Check that you are using the correct PEM-encoded certificate and private key, and that they

are installed properly with the dashed begin and end lines. You can view the certificate and

private key in the /var/etc/voyager_ssl_server.crt and /var/etc/voyager_ssl_server.key files

respectively.

 Check the HTTP daemon error message log. You can find the messages in the following

logs: /var/log/httpd_error_log and /var/log/ssl_engine_log. The messages can help you

troubleshoot further and might contain important information for Customer Support should

you contact them.

Secure Shell (SSH)

IPSO uses the Secure Shell (SSH) program to provide secure connections for the CLI. SSH

allows you to securely log in to another computer over a network, execute commands on a

remote platform, and move files from one platform to another platform. SSH provides a

connection similar to Telnet or rlogin, except that the traffic is encrypted and both ends are

authenticated.

The Nokia SSH implementation supports both SSHv1and SSHv2. Some of the differences

between SSHv1 and SSHv2 include what part of the packet the protocol encrypts and how each

protocol authenticates: SSHv1 authenticates with server and host keys, while SSHv2

authenticates by using only host keys. Even though SSHv1 uses server and host-key

authentication, SSHv2 is a more secure, faster, and more portable protocol. In some cases,

SSHv1 might be more suitable because of your client software or your need to use the

authentication modes of the protocol.

Properly used, SSH provides you with session protection from the following security threats:

 DNS spoofing

 Interception of passwords

 IP spoofing

 IP source routing

 Person-in-the-middle attacks (SSHv2 only)

previous next